NFT Storage and Availability: A Risk Worth Considering
In 2021, we witnessed explosive levels of interest and financial gains in Non-Fungible Tokens (NFTs), which are digital art assets (i.e. images, gifs, and music) whose ownership can be proved and referenced via a transaction ID on an immutable blockchain. NFTs have existed since at least 2014, when Kevin McCoy created (minted) the very first digital artwork token, “Quantum,” which sold for $1,472,000 USD in a Sotheby’s auction mid-2021 (Figure 1). According to a recent article published by Nasdaq, the global NFT market is currently a $370 billion dollar market, with the potential to grow 1,000-fold over the next decade.
The biggest draws to these online collectibles are the perceived immutable nature of the artwork (in that no one can have their asset seized, stolen, or destroyed) and the proof-of-ownership that resides on-chain. However, when someone purchases an NFT, whether it be for $20 USD or $69 million USD, what exactly is the buyer getting and how immutable is that data? In the case of most NFTs created today, users are not buying an immutable asset, but rather an immutable link that points to a hosting location off-chain. Because the hosting source is not on-chain, the potential for asset loss exists.
In this blog post, we’ll review different approaches to NFT storage and the associated security and data availability risks.
NFT Marketplaces and Their Storage Solutions
At the time of this writing, most of the NFT collectibles being minted and traded today are done so on the Ethereum blockchain network. Some of the most popular and unique marketplaces within the space being Mintable, SuperRare, and Valuables.
When conducting research into the structure and storage of the NFTs being sold on these platforms, we discovered a mix of on- and off- chain data. This is due to issues surrounding the scaling limits and the costs to support massive amounts of on-chain content data. Many of the Ethereum-based NFT marketplaces, not only the ones mentioned in this blog, have implemented cost-saving features that offload the actual NFT artwork to third-party, off-chain, private servers. A visual example of common Ethereum-based NFT structures can be seen in Figure 2.
Below are some examples of various NFTs and their storage mechanisms:
Mintable is a popular Singapore-based NFT marketplace due to its easy-to-use user interface (UI) and features such as zero fee (“gasless”) minting and royalty payments. This has attracted various Grammy-winning artists, esteemed artists, and high-profile celebrities to the platform. The metadata associated with an NFT on Mintable indicates that the asset is stored on Amazon’s cloud service (CloudFront) (Figures 3-4).
According to their website, “SuperRare is a marketplace to collect and trade unique, single-edition digital artworks. Each artwork is authentically created by an artist in the network and tokenized as a crypto-collectible digital item that you can own and trade. You can think of SuperRare like Instagram meets Christies.” Metadata associated with an NFT on SuperRare, indicates that the asset is stored on InterPlanetary File System (IPFS) (Figures 5-6).
Valuables is a niche marketplace, where users can buy, sell, and bid on NFTs for other users’ Tweets. The metadata associated with a specific NFT on Valuables (Figure 7) — a tweet that in March 2021 sold for $6,000 USD— indicates that the platform is currently privately hosting screenshots of the purchased tweets on IPFS but has plans to offload the storage costs and responsibility of maintaining the tweet screenshot data to a service called Arweave, a decentralized file storage network (Figures 8 & 9).
Should “Data Availability” Be a Concern?
In the following section, we’ll review some of popular storage solutions being leveraged by NFT marketplaces and consider various security and data availability risks associated with each.
Centralized Server Solutions
Amazon CloudFront is a content delivery network (CDN) operated by Amazon Web Services (AWS). CDNs provide content delivery services for media streaming, social media, web object, web portals, and downloads, among others. As previously reported by Mandiant, attacks on CDNs can disrupt or prevent user access to a large quantity of third-party content hosted on their servers, including websites and file storage.
Attacks against CDNs may only cause temporary data availability issues. For example, NFT content may be unavailable for the duration of a Distributed Denial of Service (DDoS) attack. However, the potential for complete data loss should also be a concern. In December of 2020, Mandiant published the following reports highlighting the interest among cyber criminals in ways to exploit CDNs:
- In June 2020 English-speaking actor "workerB" solicited other actors who have experience bypassing CloudFront, Cloudfare, Fastly, and Amazon web services Web Application Firewalls (WAFs). Bypassing the WAF could enable an actor to perform various types of attacks—such as SQL injection (SQLi) and cross-site scripting (XSS)—that if successful could allow unauthorized access to the protected data.
- Russian-Speaking Actor 'Buffer' Advertises Access to the AWS of one of the U.S. State Governments
Distributed Server Solutions
InterPlanetary File System (IPFS)
InterPlanetary File System (IPFS) is a distributed peer-to-peer network for storing and sharing data. IPFS uses a method of content-addressing called “content ID” (CID) for mapping content and its stored location.
As with many distributed content hosting platforms, misaligned incentives occur between the individual wanting access to the data (in this case, the NFT asset) and the ones hosting said data. Individuals running IPFS servers (aka “nodes”) bear the costs of storing the data on their servers. If the owner and operator of an IPFS node hosting a particular piece of content deletes the data then any IPFS URI linking to that data will no longer work. IPFS only functions as a long-term data storage option if someone, somewhere, and at any given moment, is online and hosting the data. When a file is uploaded to IPFS, there is no guarantee that your data is replicated or secure. IPFS is a unique way of addressing distributed data, but not actually storing data. In fact, within the IPFS software there exists a feature called garbage collection (Figure 10) wherein the software will automatically delete certain content it “thinks” is no longer needed.
As a response to the obvious concerns about data availability, the IPFS documentation suggests the use of a Pinning service. These services allow users to “pin” their content for a fee, but it is unclear who will ultimately pay these fees to guarantee buyers’ access to NFT content.
Following criticisms of IPFS, some NFT creators are working with Arweave as a potential solution (Figure 10). Arweave is a peer-to-peer file storage that offers content storage as-a-service, where data is stored on a blockchain, and is accessible by common web browsers. Users pay a one-time fee to upload data to the network, and part of the fee is distributed to the miners who maintain the data. However, like many blockchain-based networks being developed, both the economic incentive and technical protocol structures are unique to each network and may vary. It is too early to determine if Arweave’s distributed data storage is a viable long-term solution.
Has Anyone Ever Lost Their NFT Content?
While conducting research for this report, Mandiant researchers discovered several instances of buyers losing access to their NFT content.
- In March 2021, the popular music artist 3LAU made history by auctioning 33 audio-NFTs for $11.6 million USD (Figure 11). Each of the NFT owners could redeem the NFT for an autographed limited-edition vinyl and unreleased music. The auction’s top bidder even won the chance to collaborate with 3LAU. However, days later it appeared that the NFT content was no longer discoverable online.
- In September 2021, a property developer claimed an NFT he purchased for $500 USD went missing from his wallet a week later, and instead of seeing the artwork displayed in his wallet, the owner saw the following error message (Figure 12). Turns out, when the owner purchased the NFT on the OpenSea Marketplace, the metadata that contained the URI pointing to the artwork was supressed by OpenSea administrators because the image violated their terms and conditions related to copyrighted material.
- In September of 2021, an OpenSea bug resulted in at least 42 NFTs (valued around $100,000 USD) to go missing.
Data availability is a critical component of NFT success and immutability, and the current implementations fall short; the Ethereum-based NFT industry lacks a formal framework for where and how to store NFT content. While the IPFS network is a popular option amongst NFT creators, the decision is ultimately left to the individual creator of each NFT, or the platform hosting the minting functions. Buyers must ask if it makes sense to spend any amount of money on an NFT with no guarantees the data will exist long-term.
Blockchain technology promises inherent solutions to data confidentiality, integrity, and accessibility, yet it seems the commonly discussed issue of scalability remains. If a blockchain protocol can prove itself to be economically sound in its incentivization mechanisms and technically sound in its scalability, then it would position itself as a viable solution across not only the NFT market but a myriad of sectors and enterprise-level applications – where data security and availability are paramount to success.